Cybersecurity Engineer Boston - MA - Massachusetts

Boston, MA, US • Posted 1 day ago • Updated 12 hours ago
Contract Corp To Corp
Contract W2
12 Months
On-site
$50 - $55/hr
Fitment

Dice Job Match Score™

🫥 Flibbertigibetting...

Job Details

Skills

  • Cyber Security
  • Vulnerability Management

Summary

Job Description:

We are seeking Benchtop support This individual will work directly within the Lab Solutions team to execute a portfolio of active security workstreams including Non-Attributable Account (NAA) remediation, software download restrictions, vulnerability remediation, and USB data transfer controls while supporting the broader goal of bringing lab OT posture in line with enterprise security standards.

This is a highly technical, execution-focused role requiring strong hands-on skills in Active Directory, endpoint security, network architecture, and lab instrument environments. The successful candidate will be comfortable working across both IT and OT boundaries, engaging directly with Business System Owners, lab scientists, vendors, and global site partners to deliver change in a complex, multi-site environment

Key Responsibilities

1. NAA (Non-Attributable Account) Remediation

Support the design, testing, and execution of the Non-Attributable Account (NAA) remediation program across RC4-dependent and non-RC4-dependent account types.

Assist in building, maintaining, and activating host allowdeny lists within the Lab Organizational Unit (OU) in Active Directory.

Coordinate with InfoSec and AD teams to execute password reset mechanisms and validate outcomes across pilot and full-rollout phases.

Engage Business System Owners and lab staff to identify NAA usage patterns, confirm active engagements, and support transition to properly managed service accounts.

Support deployment and configuration of Transparent Screen Lock and BeyondTrust (password management and remote access) as replacement mechanisms for NAA-dependent workflows.

2. Software Governance & Controls

Assist in defining and implementing a policy-based software allowlist across lab workstations and instrument PCs in the Lab OU.

Identify currently installed unauthorized or unlicensed software across lab endpoints and support remediation planning.

Develop and maintain a formal exception request process for legitimate scientific software deployment needs.

3. Vulnerability Management

Support CrowdStrike EDR sensor deployment and gap closure across lab endpoints, coordinating with InfoSec and site partners.

Identify and remediate open or misconfigured file shares presenting lateral movement and data exfiltration risk.

Contribute to OS patching cadence and compliance tracking for lab workstations and instrument PCs.

Assist in end-of-life operating system identification, remediation planning, and isolation strategies across lab infrastructure.

Support server-level vulnerability triage and remediation in coordination with the infrastructure team.

4. USB & Data Transfer Controls

Assess current USB usage patterns across lab sites and instrument workflows.

Assist in defining and implementing a tiered USB restriction policy (block, monitor, allow-by-exception) that protects the environment without impeding legitimate scientific workflows.

Manage the formal USB exception process for vendor-mediated access scenarios.

5. Cross-Site & Operational Support

Serve as a hands-on technical resource for site partners across BostonUS, OxfordUK, and other global lab locations.

Maintain accurate documentation of system configurations, allowdeny lists, service account inventories, and workstream progress.

Contribute to demand intake and ServiceNow-based request management for new service account and access requests.

Participate in hypercare periods following major changes, providing rapid response to connectivity or authentication issues.

Communicate clearly with both technical and non-technical stakeholders, including lab scientists, Business System Owners, and senior leadership.

Required Qualifications

Education

Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience)

Experience

2 5 years of relevant experience in ITOT systems engineering, endpoint security, or lab systems support or an equivalent combination of education and experience.

Hands-on experience with Active Directory administration, including Organizational Unit (OU) management, Group Policy, and service account provisioning.

Experience working in or supporting laboratory, manufacturing, or operational technology environments.

Demonstrated experience executing security remediation activities such as patching, endpoint agent deployment, or access control changes.

Experience working with endpoint security platforms (CrowdStrike or equivalent EDR tools preferred).

Familiarity with privileged access management or password vault tools (BeyondTrust or equivalent).

Familiarity with Endpoint Management (EPM) tools for computer fleet management

Technical Skills

Identity & Access Management

Proficiency in Active Directory administration: OU structure, Group Policy Objects (GPOs), userservice account management, and authentication protocols including RC4NTLMKerberos.

Understanding of allowdeny list enforcement mechanisms within AD and Lab OU environments.

Experience with service account lifecycle management and privileged access controls.

Understanding of enterprise Identity Management tools (Sailpoint)

Endpoint & OT Security

Working knowledge of endpoint detection and response (EDR) platforms, particularly CrowdStrike Falcon.

Understanding of OTlab network architecture, including isolated or semi-isolated lab network segments, instrument connectivity, and associated security risks.

Familiarity with USB restriction and software control policies on Windows endpoints.

Knowledge of vulnerability management concepts: OS patching, EOL systems, open file shares, and network-level exposure.

Lab & Instrument Environment Familiarity

Understanding of how lab instruments authenticate to networks and the dependencies that exist between shared accounts and instrument operation.

Familiarity with Transparent Screen Lock (TSL) or similar technologies for instrument session management.

Awareness of lab data systems such as NuGenesis (SDMS), Empower (Waters), or similar scientific data and chromatography platforms is a plus.

Awareness of working in Biopharma Laboratory Environments

Awareness of GxP and Information Security compliance constraints

Familiarity with ITIL ITSM principles

Tools & Platforms

ServiceNow or equivalent ITSM platform for demand intake and ticket management.

BeyondTrust or equivalent privileged access management and remote support tooling.

Microsoft Windows Server and Windows 1011 administration.

Familiarity with network monitoring and log analysis tools.

Proficiency in PowerShell preferred.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 90911958
  • Position Id: 9014917
  • Posted 1 day ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Lexington, Massachusetts

Today

Full-time

USD 95,700.00 - 126,700.00 per year

Burlington, Massachusetts

10d ago

Easy Apply

Contract

55 - 56

Remote

Today

Full-time

USD 87,100.00 - 157,450.00 per year

No location provided

Today

Full-time

USD 26.00 - 36.00 per hour

Search all similar jobs